Infrastructure Security Analyst
Iasi, RO
2 zile în urmă

About Mambu

Mambu gives financial institutions a powerful competitive edge by allowing them rapidly create, launch and service any lending or deposit portfolio through a modern SaaS banking platform.

Job Description

Mambu is the leading SaaS core banking engine. If you’re a customer of the largest digital bank in the EU, then you’ve probably interacted with our platform and didn't even know it.

We are at the heart of what makes digital banks and lenders work - the system that processes banking transactions and updates accounts and other financial records from deposits to loans and credit balances.

But Mambu is different. We are not just cloud-native, lean and flexible - we are helping to revolutionise financial services globally.

We are in a growth phase and we’ve only just begun. To help us on our mission, we bring together people with the best skills and attitude.

It doesn’t matter where you are from, what matters is the impact you have and your passion to make a difference. We are looking for an Infrastructure Security Analyst to join our global Platform and Reliability Engineering team and ensure secure infrastructure operations, containment of infrastructure security incidents that may harm the company, and constantly improve the maturity level of Mambu’s infrastructure security.

What you’ll be doing :

  • Ensure that infrastructure events and changes related to information security are timely reviewed
  • Quickly review infrastructure events that impact information security, like access to customer data, to be in line with internal policies;
  • Quickly review infrastructure changes that impact information security, like a change in firewall rules or introduction of a new SaaS solution or open source component, to be in line with internal policies;
  • Work with Security Engineers to automate reviews where possible.
  • Ensure that infrastructure security incidents are quickly contained
  • Quickly perform a first assessment on infrastructure security incidents, including reported vulnerabilities from several sources (IDS, WAF, vendors of third party dependencies, penetration tests), regarding their risk and derive next actions
  • Ensure that security aspects are well reflected in infrastructure risk assessments
  • Support security readiness assessments for new infrastructure services or after major changes;- Support annual and ad-hoc risk assessment workshops with Infrastructure team members to identify and mitigate infrastructure related security risks for existing systems and during the design of new services;
  • Monitor treatment of risks and support continuous improvement of the maturity of the infrastructure security program to reduce security related risks.
  • Ensure security awareness among Infrastructure engineers (SREs)
  • Maintain information security and data privacy training program and train infrastructure engineers on information security and data privacy with respect to their infrastructure engineers function
  • Rensible for successful internal and external security audits and due diligences
  • Coordinate pentests from infrastructure perspective;- Perform internal infrastructure security audits;- Support maintaining the documentation of the infrastructure security in our Control register and security assurance documents;
  • Coordinate table-top exercises for infrastructure team, covering scenarios like disaster recovery, data breaches, or cyber attacks;
  • Attend internal and external audits and due diligence activities to demonstrate evidences of current practices related to infrastructure security.
  • You need to have :

  • Information Security Knowledge : Concepts of information security (confidentiality, integrity, availability, etc.) and their implementation options (encryption, identity and access management, backups, redundancy & high availability, network configuration);
  • Knowledge of modern application architecture;
  • Knowledge of modern infrastructure;
  • Analytical, detail oriented and creative problem solving skills;
  • Strong written and verbal communication skills in English.
  • Nice to have :

  • Information security risk management incl. threat modeling;
  • ISO 27001 Implementation;
  • KnowledgeInternal Auditor Experience;
  • Data Privacy / GDPR Knowledge;
  • Knowledge and experience with a programming language (e.g. Python).
  • Compensation and benefits :

  • Competitive salary;
  • Flexible working hours;
  • Pre-paid parking ticket at Palas / Monthly bus pass;
  • Monthly digital meal tickets;
  • Easter and Christmas gift tickets;
  • Private Health Insurance;
  • 21 days of holiday;
  • Summer schedule (4-days / week);
  • Therapeutic massage;
  • Sports package;
  • Eye glasses vouchers;
  • Fruits, coffee, tea, sweets, popcorn machine and many others;
  • Standup Desk in a very modern office and access to the best logistics;
  • Professional career growth by providing access to trainings and conferences.
  • Why Mambu :

  • Mambu has over 250+ live deployments, helping to revolutionise financial services in more than 46 countries globally, and we're just getting started;
  • We understand nothing ensures our customers' success more than a happy team, so Mambu is built on a culture of trust and a sense of ownership in everything we do;
  • Mambu proactively takes the initiative to improve the industry for the better;
  • Mambu is using top tool for development activities;
  • Because you want more, you want to know how your lines of code impact the world.
  • Raportați această lucrare

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Email-ul meu
    Făcând clic pe "Continuă", acord nevoo consimțământ de a procesa datele mele și de a-mi trimite alerte prin e-mail, așa cum este detaliat în policyApplicația de confidențialitate a lui neuvoo. Pot să-mi retrag consimțământul sau să mă dezabonez în orice moment.